Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
quirogaca
New Contributor II

Created on ‎12-19-2017 08:00 PM

Please help - I do not understand how or where to check for logs

 

 

Hello Everyone:

 

On my Fortigate 60E, I do not understand how the traffic is logged. For example, I am seeing some peaks on the dashboard at certain hours, and I just cannot find the way to relate those peaks to any connection or device or IP, even though I see the sources and destinations list. Maybe there is some other screen and I cannot find it.

 

Can anybody please help, I am new to managing this brand of devices.

 

Thank you.

 

 

4182
0 Kudos
2 REPLIES 2
oheigl
Contributor II

Created on ‎12-20-2017 05:13 AM

In the FortiView > All Sessions you should be able to sort by the current throughput. The traffic logs only will not assist you in this case, because if there is for example a software, which always uses the same session and doesn't close it, you will not see it in the log till the connection is closed.

Maybe you can try to set up a netflow/sflow analyzer, I guess this would help

 

1041
0 Kudos
ux_guy_FTNT
New Contributor
In response to oheigl

Created on ‎12-27-2017 10:58 AM

Hi quirogaca,

Welcome & glad to have you using our products.

It is possible to select a timeframe within the widget, it will then prompt you to view either sources or destinations in FortiView.

Did this help you track down the reason for the spike?

 

 

1041
0 Kudos
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.